May 2022 - rwth-security - lists.rwth-aachen.de

Bypassing LDAP Channel Binding with StartTLS (Active Directory)
by Bernd Kohler 08 Jan '24

08 Jan '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Bypassing LDAP Channel Binding with StartTLS" VG Bernd [0] https://offsec.almond.consulting/bypassing-ldap-channel-binding-with-startt… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 1

Cert-EU: Hardening Signal
by Bernd Kohler 20 Sep '23

20 Sep '23

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Hardening Signal" VG Bernd [0] https://media.cert.europa.eu/static/WhitePapers/TLP-WHITE-CERT-EU_Security_… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 1

Log4Shell-Rex
by Bernd Kohler 01 Jun '22

01 Jun '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Log4Shell-Rex" --> nutzbar z.B. via "find /var/log -name "*.log" | xargs grep -P ${Log4ShellRex}" VG Bernd [0] https://github.com/back2root/log4shell-rex -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 1

SMBeagle - (SMB) fileshare auditing tool
by Bernd Kohler 22 May '22

22 May '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "SMBeagle" --> (SMB) fileshare auditing tool VG Bernd [0] https://github.com/punk-security/SMBeagle -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

This New Fileless Malware Hides Shellcode in Windows Event Logs
by Bernd Kohler 20 May '22

20 May '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "This New Fileless Malware Hides Shellcode in Windows Event Logs" VG Bernd [0] https://thehackernews.com/2022/05/this-new-fileless-malware-hides.html -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 1

Quantum-safe cryptography – fundamentals, current developments and recommendations
by Bernd Kohler 19 May '22

19 May '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Quantum-safe cryptography – fundamentals, current developments and recommendations" VG Bernd [0] https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Brochure/q… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

A Tale of Two Markets: Investigating the Ransomware Payments Economy
by Bernd Kohler 19 May '22

19 May '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "A Tale of Two Markets: Investigating the Ransomware Payments Economy" VG Bernd [0] https://arxiv.org/pdf/2205.05028 -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

The Firmware Security Analyzer
by Bernd Kohler 19 May '22

19 May '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "The Firmware Security Analyzer" VG Bernd [0] https://reconshell.com/the-firmware-security-analyzer/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Researchers Find Potential Way to Run Malware on iPhone Even When
by Bernd Kohler 16 May '22

16 May '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Researchers Find Potential Way to Run Malware on iPhone Even When it's OFF" VG Bernd [0] https://thehackernews.com/2022/05/researchers-find-way-to-run-malware-on.ht… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

"foreach" on npm - domain expired - now new "maintainer"
by Bernd Kohler 10 May '22

10 May '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI I just noticed "foreach" on npm is controlled by a single maintainer. I also noticed they let their personal email domain expire, so I bought it before someone else did. I now control "foreach" on NPM, and the 36826 projects that depend on it. VG Bernd [0] https://mastodon.social/@lrvick/108274265429826806 -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0